On Monday 03 October 2005 09:00 am, Dave Gutteridge wrote:
> > You should never login to GUI as root. Never as in not ever.
>> Okay. Out of curiosity, why not?
>
Two Schools of thought:
#1 By logging in to do a few tasks as root, you open numerous programs as root
you do not need to. This creates a security problem - programs running with
root privileges for no reason.
#2 Windows admins log in as administrator all the time, and somehow keep their
machines malware free (well, some do), and certain types of network equipment
has a gui - and no user OTHER than root or admin!
I've always thought its best to use your judgment. Small tasks - use the
commandline, without a doubt. If you have 80 things to do, unjack from the
network and login as root. If the machine is running in production and you
are afraid of the consequences....wait, why do you need to change 80 things
on a production machine?? :-P
Some modern versions of Debian will *not* let you login as root at the login
screen, or run a program as root easily (have to use the kdesu or sudo
facilities). I think this is overkill. Some level of judgement should be
allowed on the part of the operator.